Last Comment Bug 396484 - certutil doesn't truncate existing temporary files when writing them
: certutil doesn't truncate existing temporary files when writing them
Status: RESOLVED FIXED
:
Product: NSS
Classification: Components
Component: Tools (show other bugs)
: trunk
: All All
: P2 minor (vote)
: 3.12
Assigned To: Neil Williams
:
Mentors:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2007-09-17 14:51 PDT by Neil Williams
Modified: 2007-12-11 18:45 PST (History)
0 users
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---


Attachments
add PR_TRUNCATE to temp file create calls (2.10 KB, patch)
2007-09-18 19:14 PDT, Neil Williams
julien.pierre: review+
nelson: review+
Details | Diff | Splinter Review

Description Neil Williams 2007-09-17 14:51:47 PDT
Certutil -C and -S commands create temporary cert or cert request files for storing working versions of the objects. If the files exist when certutil is run and they are longer than the cert (req) created extraneous data remains at the end of the file. When the temp file is read back in--for certs, at least--the file length is checked against the DER encoded length, which fails.
Comment 1 Neil Williams 2007-09-18 19:14:26 PDT
Created attachment 281406 [details] [diff] [review]
add PR_TRUNCATE to temp file create calls
Comment 2 Nelson Bolyard (seldom reads bugmail) 2007-09-19 17:36:13 PDT
Comment on attachment 281406 [details] [diff] [review]
add PR_TRUNCATE to temp file create calls

r=nelson for the trunk.
Leaving second review request for branch.
Comment 3 Neil Williams 2007-09-19 18:54:11 PDT
Checking in cmd/certutil/certutil.c;
/cvsroot/mozilla/security/nss/cmd/certutil/certutil.c,v  <--  certutil.c
new revision: 1.121; previous revision: 1.120
done
Comment 4 Nelson Bolyard (seldom reads bugmail) 2007-11-08 19:44:51 PST
Fixed on trunk.  Fix didn't get into branch in time for 3.11.8.
Comment 5 Nelson Bolyard (seldom reads bugmail) 2007-12-11 18:45:29 PST
Neil fixed this on the trunk.  IMO, that's good enough.

Note You need to log in before you can comment on or make changes to this bug.